Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.
The product does not handle or incorrectly handles an exceptional condition.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Nimbus_jose+jwt | Connect2id | * | * |